From 273fae6b76567cd5cae6d2e1fb4edf2acac76f0b Mon Sep 17 00:00:00 2001 From: Suyeon Hwang Date: Mon, 17 Apr 2023 15:48:57 +0900 Subject: [PATCH] Prohibit engine ID access after tts_core_deinitialize() - Issue: check_engine_launching_status() is invoked and it makes the segmentation fault even though tts_core_deinitialize() is already finished. - Solution: After tts_core_deinitialize(), there is no client, so check_engine_launching_stats() is not neccessary to be invoked. However, previous code does not unset the callback, so the callback is still invoked and it makes segmentation fault error by accessing invalid pointer. To resolve this issue, this patch makes the code unset the callback in tts_core_deinitialize(). And also this patch adds null checker in the callback. Thus, invalid pointer access will not occur through this patch. Change-Id: I703e0a0e3cbc7d548e84b274609f27d9442d8537 Signed-off-by: Suyeon Hwang --- client/tts_core.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/client/tts_core.c b/client/tts_core.c index 28d5daa..3fcc909 100644 --- a/client/tts_core.c +++ b/client/tts_core.c @@ -684,6 +684,7 @@ static inline int __request_play(tts_client_s* client) int tts_core_initialize() { + SLOG(LOG_INFO, TAG_TTSC, "[INFO] Initialize core module"); ecore_main_loop_thread_safe_call_async(__pkgmgr_thread, NULL); if (0 != __update_engine_name()) { @@ -699,12 +700,14 @@ int tts_core_initialize() int tts_core_deinitialize() { + SLOG(LOG_INFO, TAG_TTSC, "[INFO] Deinitialize core module"); if (NULL != g_reprepare_thread && EINA_FALSE == ecore_thread_check(g_reprepare_thread)) { SLOG(LOG_INFO, TAG_TTSC, "[INFO] Cancel reprepare thread"); ecore_thread_cancel(g_reprepare_thread); ecore_thread_wait(g_reprepare_thread, 0.5); // wait g_reprepare_thread is terminated. } + app_manager_unset_app_context_event_cb(); if (NULL != g_unset_app_context_cb_idler) { ecore_idler_del(g_unset_app_context_cb_idler); g_unset_app_context_cb_idler = NULL; @@ -1267,7 +1270,11 @@ static void check_engine_launching_status(app_context_h app_context, app_context RET_IF(ret != APP_MANAGER_ERROR_NONE || NULL == app_id); char *engine_id = get_engine_appid(); - bool is_engine = (0 == strncmp(app_id, engine_id, TTS_ENGINE_APPID_LEN)); + bool is_engine = false; + if (NULL != app_id && NULL != engine_id && 0 == strncmp(app_id, engine_id, TTS_ENGINE_APPID_LEN)) { + is_engine = true; + } + free(app_id); free(engine_id); -- 2.7.4